* "Bernhard M. Wiedemann via rb-general"
[2022-12-14 20:30]:
> a colleague of mine is rather skeptic towards bootstrapping and
> reproducible-builds.
> [...]
> In the end, it would be useful to collect some well-worded / well-thought
> counter-arguments on r-b.o (if we don't have that already)
>
I suggest writing a longer paper on "why reproducible builds" and posting it on
the r-b website.
Here are few quick points from me that might be helpful.
In general, we should focus on risk.. but not just current risk, but future
risk.
It's absolutely *true* that unintentional vulnerabilities
On 18/12/2022 02.09, Martin via rb-general wrote:
Controlling hardware is essential
https://www.bunniestudios.com/blog/?p=5706
Covers the topic of why open-source hardware is not enough to build
trustable devices.
TLDR: there are ways to subvert silicon that cannot be detected, even
Hi,
The diffoscope maintainers are pleased to announce the release of
version 229 of diffoscope.
diffoscope tries to get to the bottom of what makes files or
directories different. It will recursively unpack archives of many
kinds and transform various binary formats into more human-readable
